More Crap From the E.U.

Posted on January 25th, 2012 by Derek Bambauer

Guest post by Jane Yakowitz

Now that the European Union’s member states are flailing around attempting to implement their miserable cookie directive, the European Commission has decided it’s a good time to retard the Internet some more.

Today the European Commission will release an already-leaked new version of the Data Protection Directive which firmly establishes a European right to data erasure, or “right to be forgotten.” Article 17 will give EU residents an unprecedented inalienable right to control and delete facts that were once voluntarily communicated by the subject. Moreover, the right to erasure covers all publications of the personal information. As the preamble explains:

To strengthen the ‘right to be forgotten’ in the online environment, the right to erasure should also be extended in such a way that any publicly available copies or replications in websites and search engines should also be deleted by the controller who has made the information public.

The European Commission’s Vice President for Justice has clarified that the data deletion rule applies even to information that the data subject communicates herself on a public web forum like Facebook.

The right to be forgotten supposedly has some limits:

However, the further retention of the data should be allowed where it is necessary for historical, statistical and scientific research purposes, for exercising the right of freedom of expression, when required by law, or where there is a reason to restrict the processing of the data instead of erasing them.

But this exception is undermined both by the necessity language (when, exactly, is a single factum “necessary” for history or expression?) and by the downright draconian fines that are imposed for noncompliance. Article 79 instructs EU authorities to collect 1% of an enterprise’s annual revenue in fines for failure to comply with the right to be forgotten.

I am disappointed, but not surprised, to see the EU continue a misguided attack on the information economy. The right to be forgotten unequivocally favors the interests of the data subject, no matter how selfishly motivated, over the interests of data controllers and other consumers. Moreover, by making the right of erasure inalienable, the EU prevents its own citizens from participating in a business model that allows consumers to trade their information for stuff they want—convenience, discounts, or content. EU residents have no unencumbered information to sell.

The popular understanding in U.S. privacy discourse is that the EU does a better job protecting consumers from big corporations than the U.S. On the surface this looks right—after all, the regulations speak almost exclusively of “rights” granted to consumers, and almost exclusively of “obligations” imposed on business entities. But on closer inspection, Europe’s approach to information privacy is more emblematic of a desire to hold technology fixed, as if the amount of information people had about one another just before the advent of the Internet was the right amount for some reason. Sooner or later, the policies motivating the EU Data Protection Directive will prove to be counter-productive and regressive. The negative right against automated processing is a good example:

Every natural person should have the right not to be subject to a measure which is based on profiling by means of automated processing.

Article 20 gives every EU resident has an absolute right to stop a company from using predictive analytics concerning employment, creditworthiness, or health decisions. (These examples come straight from the text of the new regulations.) This sounds like a good deal for data subjects until one thinks for a moment about who the local losers would be. There are two possibilities. The opt-out might create a market for lemons where the person’s decision to opt out serves as a reliable signal of some sort of problem. This quite obviously cuts against the goals of the opt-out right.  Alternatively, opt-outs will simply muddy the predictive models for everybody. Credit, for example, will be extended to applicants who are slightly more likely to default. The lower income applicants who might have looked more were creditworthy in comparison will pay higher interest rates, if credit is extended at all. Hooray.

Allegedly, one of the motivations for amending the directive is to make consumers feel more comfortable with e-commerce.

Lack of trust makes consumers hesitate to buy online and adopt new services. This risks slowing down the development of innovative uses of new technologies. Personal data protection therefore plays a central role in the Digital Agenda for Europe.

Complete and utter hogwash. And it’s old hogwash, too. Consumer mistrust and timidity has been trotted out as a threat to e-commerce for as long as there have been public opinion surveys about the Internet. The theory refuses to die despite ample evidence to the contrary.  Now I am not suggesting that everything consumers do is per se good for them; law can and should occasionally force producers and service providers to take precautions that consumers would not choose to pay for if they could help it.  Information asymmetries and optimism bias are among the justifications. But the claim that consumers are shying away from Internet commerce and services does not comport with actual consumer behavior.

Google and other major Internet companies might want to start coordinating a protest similar to the effective campaign we saw here in the states in response to SOPA. If Google makes every person with the first name “John” ungoogleable for a day, and if online retailers refuse to access cookie data for a day, and if content providers double the amount of advertising for a day, pressure can build before the Directive comes to a vote.

For European Internet users, the deal is getting worse all the time. Pray the European Commissioners don’t alter it any further.

 

UPDATED: The draft that was released today is modified from the late November draft I used for my original post. The right to be forgotten is now found in Article 17, the right to object to processing is contained in Articles 19 and 20, and the Article 79 fines have been lowered from 3% to 1% of annual global revenues. I have edited this post accordingly. Here is the current draft.

No Comments »
Filed under: Anonymity, Corporate Law, First Amendment, Google, Intermediaries, Internet & Society, ISP, Privacy

Cybersecurity Puzzles

Posted on January 24th, 2012 by Derek Bambauer

Cybersecurity is in the news: a network intrusion allegedly interfered with railroad signals in the Northwest in December; the Obama administration refused to support the Stop Online Piracy Act due to worries about interfering with DNSSEC; and the GAO concluded that the Department of Homeland Security is making things worse by oversharing. So, I’m fortunate that the Minnesota Law Review has just published the final version of Conundrum (available on SSRN), in which I argue that we should take an information-based approach to cybersecurity:

Cybersecurity is a conundrum. Despite a decade of sustained attention from scholars, legislators, military officials, popular media, and successive presidential administrations, little if any progress has been made in augmenting Internet security. Current scholarship on cybersecurity is bound to ill-fitting doctrinal models. It addresses cybersecurity based upon identification of actors and intent, arguing that inherent defects in the Internet’s architecture must be remedied to enable attribution. These proposals, if adopted, would badly damage the Internet’s generative capacity for innovation. Drawing upon scholarship in economics, animal behavior, and mathematics, this Article takes a radical new path, offering a theoretical model oriented around information, in distinction to the near-obsession with technical infrastructure demonstrated by other models. It posits a regulatory focus on access and alteration of data, and on guaranteeing its integrity. Counterintuitively, it suggests that creating inefficient storage and connectivity best protects user capabilities to access and alter information, but this necessitates difficult tradeoffs with preventing unauthorized interaction with data. The Article outlines how to implement inefficient information storage and connectivity through legislation. Lastly, it describes the stakes in cybersecurity debates: adopting current scholarly approaches jeopardizes not only the Internet’s generative architecture, but also key normative commitments to free expression on-line.

Conundrum, 96 Minn. L. Rev. 584 (2011).
Cross-posted at Concurring Opinions.

No Comments »
Filed under: Anonymity, Computer crime, Encryption, Intermediaries, international, Internet & Society, ISP, Minnesota, national security, NSA, Politics, Privacy, Scholarship, Security, Software

Why Scalia is Right in Jones: Magic Places and One-Way Ratchets

Posted on January 24th, 2012 by Derek Bambauer

The Supreme Court handed down its decision in U.S. v. Jones yesterday, and the blogosphere is abuzz about the case. (See Margot Kaminski, Paul Ohm, Howard Wasserman, Tom Goldstein, and the terrifyingly prolific Orin Kerr.) The verdict was a clean sweep – 9-0 for Jones – but the case produced three opinions, including a duel between Justices Antonin Scalia and Samuel Alito. Thus far, most privacy and constitutional law thinkers favor Alito’s position. That’s incorrect: Justice Scalia’s opinion is far more privacy protective. Here’s why: Read more…

No Comments »
Filed under: Anonymity, Court Decisions, Politics, Privacy, Scholarship

Goldilocks and Cybersecurity

Posted on January 21st, 2012 by Derek Bambauer

It may seem strange in a week where Megaupload’s owners were arrested and SOPA / PROTECT IP went under, but cybersecurity is the most important Internet issue out there. Examples? Chinese corporate espionage. Cyberweapons like Stuxnet. Anonymous DDOSing everyone from the Department of Justice to the RIAA. The Net is full of holes, and there are a lot of folks expert in slipping through them.

I argue in a forthcoming paper, Conundrum, that cybersecurity can only be understood as an information problem. Conundrum posits that, if we’re worried about ensuring access to critical information on-line, we should make the Net less efficient – building in redundancy. But for cybersecurity, information is like the porridge in Goldilocks: you can’t have too much or too little. For example, there was recent panic that a water pump burnout in Illinois was the work of cyberterrorists. It turned out that it was actually the work of a contractor for the utility who happened to be vacationing in Russia. (This is what you get for actually answering your pager.)

The “too little” problem can be described via two examples. First, prior to the attacks of September 11, 2001, the government had information about some of the hijackers, but was impeded by lack of information-sharing and by IT systems that made such sharing difficult. Second, denial of service attacks prevent Internet users from reaching sites they seek – a tactic perfected by Anonymous. The problem is the same: needed information is unavailable. I think the solution, as described in Conundrum, is:

increasing the inefficiency with which information is stored. The positive aspects of both access to and alteration of data emphasize the need to ensure that authorized users can reach, and modify, information. This is more likely to occur when users can reach data at multiple locations, both because it increases attackers’ difficulty in blocking their attempts, and because it provides fallback options if a given copy is not available. In short, data should reside in many places.

But there is also the “too much” problem. This is exemplified by the water pump fiasco: after 9/11, the federal government, including the Department of Homeland Security, began a massive information-sharing effort, such as through Fusion Centers. The difficulty is that the Fusion Centers, and other DHS projects, are simply firehosing information onto companies who constitute “critical infrastructure.” Much of this information is repetitive or simply wrong – as with the water pump report. Bad information can be worse than none at all: it distracts critical infrastructure operators, breeds mistrust, and consumes scarce security resources. The pendulum has swung too far the other way: from undersharing to oversharing. Finding the “just right” solution is impossible; this is a dynamic environment with constantly changing threats. But the government hasn’t yet made the effort to synthesize and analyze information before sounding the alarm. It must, or we will pay the price of either false alarms, or missed ones.

(A side note: I don’t put much stock in which federal agency takes the lead on cybersecurity – there are proposals for the Department of Defense, or the Department of Energy, among others – but why has the Obama administration delegated responsibility to DHS? Having the TSA set Internet policy hardly seems sensible. Beware of Web-based snow globes!)

Cross-posted at Concurring Opinions.

No Comments »
Filed under: badware, Computer crime, Digital Media, Encryption, Impersonation, Intermediaries, international, Internet & Society, Media, national security, NSA, Privacy, Scholarship, Security, Software

Censorship on the March

Posted on January 18th, 2012 by Derek Bambauer

Today, you can’t get to The Oatmeal, or Dinosaur Comics, or XKCD, or (less importantly) Wikipedia. The sites have gone dark to protest the Stop Online Piracy Act (SOPA) and the PROTECT IP Act, America’s attempt to censor the Internet to reduce copyright infringement. This is part of a remarkable, distributed, coordinated protest effort, both online and in realspace (I saw my colleague and friend Jonathan Askin headed to protest outside the offices of Senators Charles Schumer and Kirstin Gillibrand). Many of the protesters argue that America is headed in the direction of authoritarian states such as China, Iran, and Bahrain in censoring the Net. The problem, though, is that America is not alone: most Western democracies are censoring the Internet. Britain does it for child pornography. France: hate speech. The EU is debating a proposal to allow “flagging” of objectionable content for ISPs to ban. Australia’s ISPs are engaging in pre-emptive censorship to prevent even worse legislation from passing. India wants Facebook, Google, and other online platforms to remove any content the government finds problematic.

Censorship is on the march, in democracies as well as dictatorships. With this movement we see, finally, the death of the American myth of free speech exceptionalism. We have viewed ourselves as qualitatively different – as defenders of unfettered expression. We are not. Even without SOPA and PROTECT IP, we are seizing domain names, filtering municipal wi-fi, and using funding to leverage colleges and universities to filter P2P. The reasons for American Internet censorship differ from those of France, South Korea, or China. The mechanism of restriction does not. It is time for us to be honest: America, too, censors. I think we can, and should, defend the legitimacy of our restrictions – the fight on-line and in Congress and in the media shows how we differ from China – but we need to stop pretending there is an easy line to be drawn between blocking human rights sites and blocking Rojadirecta or Dajaz1.

Cross-posted at <a href="Today, you can't get to The Oatmeal, or Dinosaur Comics, or XKCD, or (less importantly) Wikipedia. The sites have gone dark to protest the Stop Online Piracy Act (SOPA) and the PROTECT IP Act, America’s attempt to censor the Internet to reduce copyright infringement. This is part of a remarkable, distributed, coordinated protest effort, both online and in realspace (I saw my colleague and friend Jonathan Askin headed to protest outside the offices of Senators Charles Schumer and Kirstin Gillibrand). Many of the protesters argue that America is headed in the direction of authoritarian states such as China, Iran, and Bahrain in censoring the Net. The problem, though, is that America is not alone: most Western democracies are censoring the Internet. Britain does it for child pornography. France: hate speech. The EU is debating a proposal to allow “flagging” of objectionable content for ISPs to ban. Australia’s ISPs are engaging in pre-emptive censorship to prevent even worse legislation from passing. India wants Facebook, Google, and other online platforms to remove any content the government finds problematic.

Censorship is on the march, in democracies as well as dictatorships. With this movement we see, finally, the death of the American myth of free speech exceptionalism. We have viewed ourselves as qualitatively different – as defenders of unfettered expression. We are not. Even without SOPA and PROTECT IP, we are seizing domain names, filtering municipal wi-fi, and using funding to leverage colleges and universities to filter P2P. The reasons for American Internet censorship differ from those of France, South Korea, or China. The mechanism of restriction does not. It is time for us to be honest: America, too, censors. I think we can, and should, defend the legitimacy of our restrictions – the fight on-line and in Congress and in the media shows how we differ from China – but we need to stop pretending there is an easy line to be drawn between blocking human rights sites and blocking Rojadirecta or Dajaz1.

Cross-posted at Concurring Opinions.

1 Comment »
Filed under: Copyright, Digital Media, Education & Copyright, Filtering, First Amendment, Google, Intermediaries, Internet & Society, ISP, Media, Music, Politics, RIAA, Scholarship, Search Engines, Social Networking, Video

The Fight For Internet Censorship

Posted on January 16th, 2012 by Derek Bambauer

Thanks to Danielle and the CoOp crew for having me! I’m excited.

Speaking of exciting developments, it appears that the Stop Online Piracy Act (SOPA) is dead, at least for now. House Majority Leader Eric Cantor has said that the bill will not move forward until there is a consensus position on it, which is to say, never. Media sources credit the Obama administration’s opposition to some of the more noxious parts of SOPA, such as its DNSSEC-killing filtering provisions, and also the tech community’s efforts to raise awareness. (Techdirt’s Mike Masnick has been working overtime in reporting on SOPA; Wikipedia and Reddit are adopting a blackout to draw attention; even the New York City techies are holding a demonstration in front of the offices of Senators Kirstin Gillibrand and Charles Schumer. Schumer has been bailing water on the SOPA front after one of his staffers told a local entrepreneur that the senator supports Internet censorship. Props for candor.) I think the Obama administration’s lack of enthusiasm for the bill is important, but I suspect that a crowded legislative calendar is also playing a significant role.

Of course, the PROTECT IP Act is still floating around the Senate. It’s less worse than SOPA, in the same way that Transformers 2 is less worse than Transformers 3. (You still might want to see what else Netflix has available.) And sponsor Senator Patrick Leahy has suggested that the DNS filtering provisions of the bill be studied – after the legislation is passed. It’s much more efficient, legislatively, to regulate first and then see if it will be effective. A more cynical view is that Senator Leahy’s move is a public relations tactic designed to undercut the opposition, but no one wants to say so to his face.

I am not opposed to Internet censorship in all situations, which means I am often lonely at tech-related events. But these bills have significant flaws. They threaten to badly weaken cybersecurity, an area that is purportedly a national priority (and has been for 15 years). They claim to address a major threat to IP rightsholders despite the complete lack of data that the threat is anything other than chimerical. They provide scant procedural protections for accused infringers, and confer extraordinary power on private rightsholders – power that will, inevitably, be abused. And they reflect a significant public choice imbalance in how IP and Internet policy is made in the United States.

Surprisingly, the Obama administration has it about right: we shouldn’t reject Internet censorship as a regulatory mechanism out of hand, but we should be wary of it. This isn’t the last stage of this debate – like Wesley in The Princess Bride, SOPA-like legislation is only mostly dead. (And, if you don’t like the Obama administration’s position today, just wait a day or two.)

Cross-posted at Concurring Opinions.

No Comments »
Filed under: civil procedure, Copyright, Digital Media, Filtering, First Amendment, Google, Intermediaries, international, Internet & Society, Network Neutrality, Politics, RIAA, Scholarship, Search Engines

Transparency, Internet Freedom, and IP

Posted on January 4th, 2012 by Derek Bambauer

On Saturday, January 7, at 8:30AM (yes, that’s early, bring coffee), I’ll be speaking on a panel on Governmental Transparency in the Digital Age, run by the National Security Section of the AALS. It’s in Delaware Suite B on the lobby level of the Marriott Wardman Park Hotel. In addition to having painful flashbacks to the AALS Meat Market, I’ll be discussing the lack of transparency in Internet and IP policymaking under the Obama administration. Hope to see you there!

No Comments »
Filed under: Copyright, Court Decisions, Digital Media, Education & Copyright, Filtering, First Amendment, Intermediaries, international, Internet & Society, ISP, Law School, national security, Network Neutrality, Politics, RIAA, Scholarship, Security

Breaking the Net

Posted on December 19th, 2011 by Derek Bambauer

Mark Lemley, David Post, and Dave Levine have an excellent article in the Stanford Law Review Online, Don’t Break the Internet. It explains why proposed legislation, such as SOPA and PROTECT IP, is so badly-designed and pernicious. It’s not quite clear what is happening with SOPA, but it appears to be scheduled for mark-up this week. SOPA has, ironically, generated some highly thoughtful writing and commentary – I recently read pieces by Marvin Ammori, Zach Carter, Rebecca MacKinnon / Ivan Sigal, and Rob Fischer.

There are two additional, disturbing developments. First, the public choice problems that Jessica Litman identifies with copyright legislation more generally are manifestly evident in SOPA: Rep. Lamar Smith, the SOPA sponsor, gets more campaign donations from the TV / movie / music industries than any other source. He’s not the only one. These bills are rent-seeking by politically powerful industries; those campaign donations are hardly altruistic. The 99% – the people who use the Internet – don’t get a seat at the bargaining table when these bills are drafted, negotiated, and pushed forward.

Second, representatives such as Mel Watt and Maxine Waters have not only admitted to ignorance about how the Internet works, but have been proud of that fact. They’ve been dismissive of technical experts such as Vint Cerf – he’s only the father of TCP/IP – and folks such as Steve King of Iowa can’t even be bothered to pay attention to debate over the bill. I don’t mind that our Congresspeople are not knowledgeable about every subject they must consider – there are simply too many – but I am both concerned and offended that legislators like Watt and Waters are proud of being fools. This is what breeds inattention to serious cybersecurity problems while lawmakers freak out over terrorists on Twitter. (If I could have one wish for Christmas, it would be that every terrorist would use Twitter. The number of Navy SEALs following them would be… sizeable.) It is worrisome when our lawmakers not only don’t know how their proposals will affect the most important communications platform in human history, but overtly don’t care. Ignorance is not bliss, it is embarrassment.

Cross-posted at Prawfsblawg.

No Comments »
Filed under: Copyright, Digital Media, Filtering, First Amendment, Google, Intermediaries, international, Internet & Society, ISP, Media, Music, national security, Politics, RIAA, Scholarship, Search Engines, Security, Software

Six Things Wrong with SOPA

Posted on December 14th, 2011 by Derek Bambauer

America is moving to censor the Internet. The PROTECT IP and Stop Online Piracy Acts have received considerable attention in the legal and tech world; SOPA’s markup in the House occurs tomorrow. I’m not opposed to blacklisting Internet sites on principle; however, I think that thoughtful procedural protections are vital to doing so in a legitimate way. Let me offer six things that are wrong with SOPA and PROTECT IP: they harm cybersecurity, are wildly overbroad and vague, enable unconstitutional prior restraint, undercut American credibility on Internet freedom, damage a well-working system for online infringement, and lack any empirical justification whatsoever. And, let me address briefly Floyd Abrams’s letter in support of PROTECT IP, as it is frequently adverted to by supporters of the legislation. (The one-word summary: “sellout.” The longer summary: The PROTECT IP letter will be to Abrams’ career what the Transformersmovie was to that of Orson Welles.)

  1. Cybersecurity – the bills make cybersecurity worse. The most significant risk is that they impede – in fact, they’d prevent – the deployment of DNSSEC, which is vitally important to reducing phishing, man-in-the-middle attacks, and similar threats. Technical experts are unanimous on this – see, for example, Sandia National Laboratories, or Steve CrockerPaul Vixie / Dan Kaminsky et al. Idiots, like the MPAA’s Michael O’Leary, disagree, and simply assert that “the codes change.” (This is what I call “magic elf” thinking: we can just get magic elves to change the Internet to solve all of our problems. Congress does this, too, as when it includes imaginary age-verifying technologies in Internet legislation.) Both bills would mandate that ISPs redirect users away from targeted sites, to government warning notices such as those employed in domain name seizure cases. But, this is exactly what DNSSEC seeks to prevent – it ensures that the only content returned in response to a request for a Web site is that authorized by the site’s owner. There are similar problems with IP-based redirection, as Pakistan’s inadvertent hijacking of YouTube demonstrated. It is ironic that at a time when the Obama administration has designated cybersecurity as a major priority, Congress is prepared to adopt legislation that makes the Net markedly less secure.
  2. Wildly overbroad and vague- the legislation (particularly SOPA) is a blunderbuss, not a scalpel. Sites eligible for censoring include those:
      • primarily designed or operated for copyright infringement, trademark infringement, or DMCA § 1201 infringement
      • with a limited purpose or use other than such infringement
      • that facilitate or enable such infringement
      • that promote their use to engage in infringement
      • that take deliberate actions to avoid confirming high probability of such use

    If Flickr, Dropbox, and YouTube were located overseas, they would plainly qualify. Targeting sites that “facilitate or enable” infringement is particularly worrisome – this charge can be brought against a huge range of sites, such as proxy services or anonymizers. User-generated content sites are clearly dead. And the vagueness inherent in these terms means two things: a wave of litigation as courts try to sort out what the terminology means, and a chilling of innovation by tech startups.

  3. Unconstitutional prior restraint – the legislation engages in unconstitutional prior restraint. On filing an action, the Attorney General can obtain an injunction that mandates blocking of a site, or the cutoff of advertising and financial services to it – before the site’s owner has had a chance to answer, or even appear. This is exactly backwards: the Constitution teaches that the government cannot censor speech until it has made the necessary showing, in an adversarial proceeding – typically under strict scrutiny. Even under the more relaxed, intermediate scrutiny that characterizes review of IP law, censorship based solely on the government’s say-so is forbidden. The prior restraint problem is worsened as the bills target the entire site via its domain name, rather than focusing on individualized infringing content, as the DMCA does. Finally, SOPA’s mandatory notice-and-takedown procedure is entirely one-sided: it requires intermediaries to cease doing business with alleged infringers, but does not create any counter-notification akin to Section 512(g) of the DMCA. The bills tilt the table towards censorship. They’re unconstitutional, although it may well take long and expensive litigation to demonstrate that.
  4. Undercuts America’s moral legitimacy – there is an irreconciliable tension between these bills and the position of the Obama administration – especially Secretary of State Hillary Clinton – on Internet freedom. States such as Iran also mandate blocking of unlawful content; that’s why Iran blocked our “virtual embassy” there. America surrenders the rhetorical and moral advantage when it, too, censors on-line content with minimal process. SOPA goes one step farther: it permits injunctions against technologies that circumvent blocking – such as those funded by the State Department. This is fine with SOPA adherents; the MPAA’s Chris Dodd is a fan of Chinese-style censorship. But it ought to worry the rest of us, who have a stake in uncensored Internet communication.
  5. Undercuts DMCA – the notice-and-takedown provisions of the DMCA are reasonably well-working. They’re predictable, they scale for both discovering infringing content and removing it, and they enable innovation, such as both YouTube itself and YouTube’s system of monetizing potentially infringing content. The bills shift the burden of enforcement from IP owners – which is where it has traditionally rested, and where it belongs – onto intermediaries. SOPA in particular increases the burden, since sites must respond within 5 days of a notification of claimed infringement, with no exception for holidays or weekends. The content industries do not like the DMCA. That is no evidence at all that it is not functioning well.
  6. No empirical evidence – put simply, there is no empirical data suggesting these bills are necessary. The content industries routinely throw around made-up numbers, but they have been frequently debunked. How important are losses from foreign sites that are beyond the reach of standard infringement litigation, versus losses from domestic P2P networks, physical infringement, and the like? Data from places like Switzerland suggests that losses are, at best, minimal. If Hollywood wants America to censor the Internet, it needs to make a convincing case based on actual data, and not moronic analogies to stealing things off trucks. The bills, at their core, are rent-seeking: they would rewrite the law and alter fundamentally Internet free expression to benefit relatively small yet politically powerful industries. (It’s no shock two key Congressional aides who worked on the legislation have taken jobs in Hollywood – they’re just following Mitch Glazier, Dan Glickman, and Chris Dodd through the revolving door.) The bills are likely to impede innovation by the far larger information technology industry, and indeed to drive some economic activity in IT offshore.

The bills are bad policy and bad law. And yet I expect one of them to pass and be signed into law.

Lastly, the Abrams letter: Noted First Amendment attorney Floyd Abrams wrote a letter in favor of PROTECT IP. Abrams’s letter is long, but surprisingly thin on substantive legal analysis of PROTECT IP’s provisions. It looks like advocacy, but in reality, it is Abrams selling his (fading) reputation as a First Amendment defender to Hollywood. The letter rehearses standard copyright and First Amendment doctrine, and then tries to portray PROTECT IP as a bill firmly in line with First Amendment jurisprudence. It isn’t, as Marvin Ammori and Larry Tribe note, and Abrams embarrasses himself by pretending otherwise. Having the government target Internet sites for pre-emptive censorship, and permitting them to do so before a hearing on the merits, is extraordinary. It is error-prone – look at Dajaz1 and mooo.com. And it runs afoul of not only traditional First Amendment doctrine, but in particular the current Court’s heightened protection of speech in a wave of cases last term. Injunctions affecting speech are different in character than injunctions affecting other things, such as conduct, and even the cases that Abrams cites (such as Universal City Studios v. Corley) acknowledge this. According to Abrams, the constitutionality of PROTECT IP is an easy call. That’s only true if you’re Hollywood’s sockpuppet. Thoughtful analysis is far harder.

Cross-posted at Prawfsblawg.

2 Comments »
Filed under: Blogging, Copyright, Court Decisions, Digital Media, Filtering, First Amendment, Intermediaries, Internet & Society, ISP, Media, Music, Peer Production, Politics, RIAA, Scholarship, Search Engines, Social Networking, Software, Trademarks

On the Move

Posted on December 14th, 2011 by Derek Bambauer

Jane Yakowitz and I have accepted offers from the University of Arizona James E. Rogers College of Law. We’re excited to join such a talented group! But, we’ll miss our Brooklyn friends. Come visit us in Tucson!

1 Comment »
Filed under: Law School, Scholarship

Next Page »

Bad Behavior has blocked 24 access attempts in the last 7 days.